Bill Stewart bill.stew...@pobox.com writes:
Basically, 2048's safe with current hardware
until we get some radical breakthrough
like P==NP or useful quantum computers,
and if we develop hardware radical enough to
use a significant fraction of the solar output,
we'll probably find it much
On Tue, 17 Aug 2010 22:32:52 +0200 Simon Josefsson
si...@josefsson.org wrote:
Bill Stewart bill.stew...@pobox.com writes:
Basically, 2048's safe with current hardware
until we get some radical breakthrough
like P==NP or useful quantum computers,
and if we develop hardware radical enough
On Aug 17, 2010, at 4:20 AM, Peter Gutmann wrote:
Your code-signing system should create a tamper-resistant audit
trail [0] of
every signature applied and what it's applied to.
Peter.
[0] By this I don't mean the usual cryptographic Rube-Goldbergery,
just log
the details to a separate
On Aug 16, 2010, at 9:19 49PM, John Gilmore wrote:
who's your enemy? The NSA? The SVR? Or garden-variety cybercrooks?
Enemy? We don't have to be the enemy for someone to crack our
security. We merely have to be in the way of something they want;
or to be a convenient tool or foil in
On 17-08-2010 21:42, Perry E. Metzger wrote:
On Tue, 17 Aug 2010 22:32:52 +0200 Simon Josefsson
si...@josefsson.org wrote:
Bill Stewart bill.stew...@pobox.com writes:
Basically, 2048's safe with current hardware
until we get some radical breakthrough
like P==NP or useful quantum computers,
On 18/08/10 3:46 AM, Peter Gutmann wrote:
Alexander Klimov alser...@inbox.ru writes:
Each real-time check reveals your interest in the check. What about privacy
implications?
(Have you ever seen a PKI or similar key-using design where anyone involved in
speccing or deploying it genuinely
On Aug 17, 2010, at 5:19 10PM, Samuel Neves wrote:
On 17-08-2010 21:42, Perry E. Metzger wrote:
On Tue, 17 Aug 2010 22:32:52 +0200 Simon Josefsson
si...@josefsson.org wrote:
Bill Stewart bill.stew...@pobox.com writes:
Basically, 2048's safe with current hardware
until we get some radical
Forwarded at Andrew's request.
Original Message
Subject: Re: 2048-bit RSA keys
Date: Tue, 17 Aug 2010 19:11:55 -0500 (CDT)
From: Andrew Odlyzko odly...@umn.edu
To: Samuel Neves sne...@dei.uc.pt
CC: cryptography@metzdowd.com
It is not unreasonable to
On Tue, 17 Aug 2010, Steven Bellovin wrote:
They also suggest that a 3-4 year phase-out of 1024-bit moduli is the proper
course.
Note that this is because they take into consideration that secrets have
to be unbreakable for decade(s), which is not the case for all uses of
RSA. For example in
On 2010-08-15 7:59 AM, Thor Lancelot Simon wrote:
Indeed. The way forward would seem to be ECC, but show me a load balancer
or even a dedicated SSL offload device which supports ECC.
For sufficiently strong security, ECC beats factoring, but how strong is
sufficiently strong? Do you have
On 2010-08-17 3:46 PM, Jonathan Katz wrote:
Many on the list may already know this, but I haven't seen it mentioned
on this thread. The following paper (that will be presented at Crypto
tomorrow!) is most relevant to this discussion:
Factorization of a 768-bit RSA modulus,
11 matches
Mail list logo
